Jeff King <peff@xxxxxxxx> writes: >> Hmm, that is a valid concern. Introducing yet another environment >> feels a bit yucky, but something like GIT_NO_REDACT that disables >> any redacting, not limited to curl but in all codepaths, might turn >> out to be a useful escape hatch. >> >> Opinions? > > Having an environment variable was my first thought, as well. I do > think it's key that the default be to redact. That makes life slightly > harder for people debugging auth problems, but prevents people from > accidentally leaking private info. > > Regarding the name: > > - should it be under GIT_TRACE_CURL_* to make its impact clear? Or do > we imagine it might eventually be applied elsewhere? > > - doing GIT_TRACE_REDACT would get rid of the negative (and it could > just default to "true") I like the latter, and I do expect it to allow the person who debugs to temporarily disable *any* codepath that redacts its output. Thanks.
